VYPR

apk package

chainguard/libjpeg-utils

pkg:apk/chainguard/libjpeg-utils

Vulnerabilities (1)

  • CVE-2023-2804May 25, 2023
    affected < 2.1.91-r3fixed 2.1.91-r3

    A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrgext.c file. The vulnerability can only be exploited with 12-bit data precision for which the range of the sample data type exceeds the valid sample range, hence,